Sql injection

SQL injection vulnerability in login.php in OtomiGenX 2.2 allows remote attackers to execute arbitrary SQL commands via the userAccount parameter aka the User Name field to index.php. NOTE: some of these details are obtained from third party information...

CVE-2008-2629

SQL injection vulnerability in the LifeType formerly pLog module for Drupal allows remote attackers to execute arbitrary SQL commands via the albumId parameter in a ViewAlbum action to index.php...

CVE-2008-2637

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in 1 the cssexceptions parameter in vdesk/admincon/webyfiers.php and 2 the sqlmatchscope parameter in...

TNT Forum 0.9.4 - Local File Inclusion

====================================================== TNT Forum 0.9.4 Local File Inclusion Vulnerabilities ====================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

TNT Forum 0.9.4 - Local File Inclusion

TNT Forum 0.9.4 - Local File Inclusion ====================================================== TNT Forum 0.9.4 Local File Inclusion Vulnerabilities ====================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking...

CVE-2008-2629

SQL injection vulnerability in the LifeType formerly pLog module for Drupal allows remote attackers to execute arbitrary SQL commands via the albumId parameter in a ViewAlbum action to index.php...

CVE-2008-2563

Multiple cross-site scripting XSS vulnerabilities in 1 dspmain.php and 2 dsptaskeditor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the a tid parameter in a main.taskeditor edit action, and the b completed parameter in a main.default action, to index.php...

CVE-2008-2563

Multiple cross-site scripting XSS vulnerabilities in 1 dspmain.php and 2 dsptaskeditor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the a tid parameter in a main.taskeditor edit action, and the b completed parameter in a main.default action, to index.php...

Sql injection

SQL injection vulnerability in index.php in EasyWay CMS allows remote attackers to execute arbitrary SQL commands via the mid parameter...

CVE-2008-2555

CVE-2008-2555 involves a SQL injection in EasyWay CMS. The vulnerability is in the file index.php where the mid parameter can be exploited to execute arbitrary SQL commands. This is the supported, concrete detail from the connected documents. The sources do not specify exploitation specifics, aff...

mambomambads-sql.txt

!/usr/bin/perl -w Mambo Component mambads 1.0 RC1 Beta & 1.0 RC1 Remote SQL Injection Found by : Houssamix From H-T Team H-T Team HouSSaMix + ToXiC350 from MoroCCo Greetz : Stack & CoNaN & HaCkeREgY & room-hacker & Hak3r-b0y & All friends & All muslims HaCkeRs : ScriptName: "Mambo" ComponentName:...

Mambo Component mambads 1.0 RC1 Beta - SQL Injection

Mambo Component mambads 1.0 RC1 Beta - SQL Injection !/usr/bin/perl -w Mambo Component mambads 1.0 RC1 Beta & 1.0 RC1 Remote SQL Injection Found by : Houssamix From H-T Team H-T Team HouSSaMix + ToXiC350 from MoroCCo Greetz : Stack & CoNaN & HaCkeREgY & room-hacker & Hak3r-b0y & All friends & All...

Sql injection

Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 articleid and 2 mcname parameters. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action...

CVE-2008-2487

SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action...

CVE-2008-2484

CVE-2008-2484 : A SQL injection in index.php of Xomol CMS 1.20071213 (magic_quotes_gpc disabled) allows remote attackers to execute arbitrary SQL via the email parameter. The NVD description confirms the vulnerable component and input vector; exploitation status is not provided in the connected d...

CVE-2008-2498

Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 articleid and 2 mcname parameters. NOTE: some of these details are obtained from third party information...

CVE-2008-2495

Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to have an unknown impact via a .. dot dot in the p parameter...

CVE-2008-2494

Cross-site scripting XSS vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via the l parameter...

CVE-2008-2494

CVE-2008-2494 describes a cross-site scripting (XSS) vulnerability in Zina 1.0 RC3, specifically in index.php, where an attacker can inject arbitrary web script or HTML through the l parameter. The connected records corroborate the issue as XSS affecting Zina 1.0 RC3; no explicit exploit details,...